CSCE 790: Computer Network Security


CSCE 515: Computer Network Programming
Chin-Tser Huang
[email protected]
University of South Carolina
Layer 7: Application

[Figure: the OSI seven-layer stack (Application, Presentation, Session, Transport, Network, Data link, Physical); on this and the following slides the layer under discussion is highlighted]

Each Layer 7 protocol specifies how one particular application uses a network. Each protocol specifies how an application on one machine makes a request and how the application on another machine responds.

1/15/2004 (C) 2004 Chin-Tser Huang
Layer 6: Presentation

Layer 6 protocols specify how to represent data. They are used to translate from the representation on one computer to the representation on another computer.
Layer 5: Session

Layer 5 protocols specify how to establish a communication session with a remote system, including specifications for security details such as authentication using passwords.
Layer 4: Transport

Layer 4 protocols specify how to provide reliable data transfer for different applications.
Layer 3: Network

Layer 3 protocols specify how addresses are assigned and how packets are forwarded between networks.
Layer 2: Data Link

Layer 2 protocols specify how to organize data into frames and how to transmit frames over a network.
Layer 1: Physical

Layer 1 protocols specify details of interacting with network hardware.
Origin of Internet

- In the 60's, the US DoD funded ARPANET for testing new network technologies
- ARPANET was later extended to the Internet
- The protocol suite used with the Internet is Transmission Control Protocol/Internet Protocol (TCP/IP)
TCP/IP Model in Internet

OSI model       TCP/IP model
Application     Application
Presentation    Application
Session         Application
Transport       Transport
Network         Network
Data link       Link
Physical        Link

(The TCP/IP application layer covers OSI layers 5 to 7, and the TCP/IP link layer covers OSI layers 1 and 2.)
Transport Layer

- Protocols: TCP, UDP
- TCP provides a reliable flow of data between two hosts, including mechanisms for connection setup, congestion control, and retransmission
- UDP provides a simpler service which is unreliable
Client-Server Model

- Assume one side of the communication is the client, and the other side is the server
- Server waits for a client request to arrive
- Server processes the client request and sends the response back to the client
- Iterative (one request handled at a time) or concurrent (several clients served at once)
Port Number

- TCP and UDP identify applications by 16-bit port numbers
- Some servers are assigned well-known port numbers
  - For example, ftp is port 21 and telnet is port 23
- Clients usually use ephemeral port numbers between 1024 and 5000
Network Layer

- Protocols: IP, ICMP, IGMP
- Assign addresses to hosts on the Internet
- Determine how to forward messages over the Internet
Internet Address

- Every interface on the Internet has a unique address
- In IPv4 every address is 32-bit, while in IPv6 every address is 128-bit
- IPv4 addresses are usually specified in dotted-decimal notation: written as 4 decimal numbers, one for each byte
  - hadar.cse.sc.edu: 129.252.130.109
Classes of Network

Every network belongs to one of five classes, based on the first byte in its address.

[Figure: classful IPv4 address layout; leading bits of the first byte, then field widths]
Class A: 0    | netid (7 bits)  | hostid (24 bits)
Class B: 10   | netid (14 bits) | hostid (16 bits)
Class C: 110  | netid (21 bits) | hostid (8 bits)
Class D: 1110 | multicast group ID (28 bits)
Class E: 1111 | reserved
Ranges for Different Classes

- Class A: 0.0.0.0 to 127.255.255.255
- Class B: 128.0.0.0 to 191.255.255.255
- Class C: 192.0.0.0 to 223.255.255.255
- Class D: 224.0.0.0 to 239.255.255.255
- Class E: 240.0.0.0 to 255.255.255.255
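As an added example (not from the slides), the following Python decodes a dotted-decimal IPv4 address into its class and, for classes A to C, the netid and hostid fields using the bit layout and ranges given on the two preceding slides; the function and table names are this example's own. It implements the classful scheme exactly as the slides present it, which is historical: production routing uses CIDR prefixes instead.

```python
import ipaddress

# Classful layout from the slides: (leading marker bits, netid bits) for classes A-C.
# Class A: 0|netid(7)|hostid(24); Class B: 10|netid(14)|hostid(16); Class C: 110|netid(21)|hostid(8)
CLASS_LAYOUT = {"A": (1, 7), "B": (2, 14), "C": (3, 21)}


def classify(addr: str) -> dict:
    """Decode a dotted-decimal IPv4 address into its class and (for A-C) netid/hostid."""
    ip = int(ipaddress.IPv4Address(addr))  # rejects malformed or out-of-range octets
    first = ip >> 24                        # the first byte alone decides the class
    if first >> 7 == 0b0:
        cls = "A"
    elif first >> 6 == 0b10:
        cls = "B"
    elif first >> 5 == 0b110:
        cls = "C"
    elif first >> 4 == 0b1110:
        cls = "D"
    else:                                   # 1111xxxx: reserved
        cls = "E"
    result = {"address": addr, "class": cls, "first_byte_bits": f"{first:08b}"}
    if cls in CLASS_LAYOUT:
        marker_bits, netid_bits = CLASS_LAYOUT[cls]
        hostid_bits = 32 - marker_bits - netid_bits
        result["netid"] = (ip >> hostid_bits) & ((1 << netid_bits) - 1)
        result["hostid"] = ip & ((1 << hostid_bits) - 1)
    elif cls == "D":
        result["multicast_group_id"] = ip & ((1 << 28) - 1)  # low 28 bits
    return result


if __name__ == "__main__":
    # Constructed sample addresses, one per class; 129.252.130.109 is the slides' hadar example.
    for a in ("10.1.2.3", "129.252.130.109", "192.168.1.10", "224.0.0.1", "240.0.0.1"):
        print(classify(a))
```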
Domain Name System (DNS)

- Dotted-decimal addresses are both hard to remember and meaningless
- Use a structured name for each host
  - For example, hadar.cse.sc.edu
- DNS is a distributed database providing mapping between IP addresses and hostnames
Header Encapsulation

- An application sends messages down the protocol stack
- Each layer adds information to a message by prepending an extra header
Header Encapsulation

[Figure: a header prepended at each layer on the way down the stack]
Application:     [User data]
Transport layer: [Transport header][User data]
Network layer:   [Network header][Transport header][User data]
Link layer:      [Link header][Network header][Transport header][User data]
Application Programming Interface (API)

- A set of operations available to an application programmer
- Two popular APIs
  - Sockets, developed at Berkeley
  - X/Open Transport Interface (XTI), developed by AT&T
- We will focus on sockets
What Is a Socket?

- An API between applications and the network protocol software provided by the OS
- Provides the following functions
  - Define an abstract endpoint for communication
  - Initiate and accept a connection
  - Send and receive data
  - Terminate a connection gracefully
Elements of a Socket

- Each socket can be uniquely identified by
  - Source IP address
  - Source port number
  - Destination IP address
  - Destination port number
  - An end-to-end protocol (TCP or UDP)
Types of Sockets

- Two different types of sockets
  - Stream sockets
  - Datagram sockets
Stream Sockets

- Also known as connection-oriented sockets
- Use TCP
- Provide reliable, connected networking service
- Error free; no out-of-order packets
- Applications: telnet, ssh, http
Datagram Sockets

- Also known as connectionless sockets
- Use UDP
- Provide unreliable, best-effort networking service
- Packets may be lost; may arrive out of order
- Applications: streaming audio/video
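As an added example (not from the slides), the following Python runs one stream (TCP) and one datagram (UDP) exchange over the loopback interface and returns the socket elements from the "Elements of a Socket" slide (source and destination IP and port, protocol), showing the connection setup that stream sockets need and datagram sockets skip, and the ephemeral source port the OS assigns to the client as described on the "Port Number" slide; the function names, the loopback address and the echo payloads are this example's own assumptions.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumed test address; both ends live on this host


def stream_exchange(payload: bytes) -> dict:
    """Stream (TCP) socket: listen, connect, accept, then echo a reliable byte stream."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind((LOOPBACK, 0))             # port 0: let the OS choose a free server port
        srv.listen(1)
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as cli:
            cli.settimeout(5)
            cli.connect(srv.getsockname())  # connection setup; client gets an ephemeral port
            conn, _ = srv.accept()
            with conn:
                conn.settimeout(5)
                cli.sendall(payload)
                conn.sendall(conn.recv(len(payload)))  # server echoes what it received
                echoed = cli.recv(len(payload))
                return {"protocol": "TCP", "src": cli.getsockname(),
                        "dst": cli.getpeername(), "echoed": echoed}


def datagram_exchange(payload: bytes) -> dict:
    """Datagram (UDP) socket: no connection; each sendto carries a standalone datagram."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as srv, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as cli:
        srv.settimeout(5)
        cli.settimeout(5)
        srv.bind((LOOPBACK, 0))
        cli.sendto(payload, srv.getsockname())  # OS assigns the client's ephemeral port here
        data, peer = srv.recvfrom(65535)        # peer = (client IP, client ephemeral port)
        srv.sendto(data, peer)                  # reply to whatever address the datagram came from
        echoed, _ = cli.recvfrom(65535)
        return {"protocol": "UDP", "src": peer, "dst": srv.getsockname(), "echoed": echoed}


if __name__ == "__main__":
    for r in (stream_exchange(b"hello, stream"), datagram_exchange(b"hello, datagram")):
        print(r)
```

On current systems the OS-chosen ephemeral port is drawn from a larger range than the 1024 to 5000 quoted on the slides (Linux defaults to 32768 to 60999), so the printed source port will usually fall outside that older range.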
Next Class

- Socket programming in Java
- Read JNP Ch. 14, 16